CLAIMS 



1 . A multicast source control method, comprising the steps of: 
a. creating multicast source authentication information; 
5 b. a management platform of the multicast source authentication information 

dynamically updating said multicast source authentication information in accordance 
with restriction on multicast source; 

c. controlling multicast message sent from the multicast source in accordance with 
said multicast source authentication information. 
10 2. The multicast source control method according to claim 1, wherein said step a 

comprises: 

creating multicast source authentication information in master multicast source 
authentication server and slave multicast source authentication server, respectively; 
wherein the management platform of the multicast source authentication information in 
1 5 said step b comprises a master multicast source authentication server. 

3. The multicast source control method according to claim 1 or 2 t wherein said 
multicast source authentication information is recorded in a tabular form; 

said multicast source authentication information table contains a corresponding 
relationship between multicast source address and multicast address; 
20 said multicast address is a result of AND operation on multicast address and 

address mask. 

4. The multicast source control method according to claim 3, wherein said step b 
comprises: 

said slave multicast source authentication server, in accordance with the multicast 
25 source authentication information in the master multicast source authentication server, 
updating the multicast source authentication information stored therein at a predefined 
period; 



when the multicast source authentication information in said master multicast 
source authentication server is changed, notifying said slave multicast source 
authentication server to update the multicast source authentication information stored 
therein. 

5 5. The multicast source control method according to claim 4, wherein said step c 

comprises: 

c1. after receiving a multicast message sent from the multicast source, a 
predefined node initiating an authentication request to the preconfigured multicast 
source authentication server thereof; 

10 c2.said multicast source authentication server performing a longest prefix matching 

with the multicast address contained in the authentication request based on the multicast 
address in the multicast source authentication information table stored therein, and 
sending a response indicating whether the authentication request is successful to said 
predefined node according to the matching result; 

15 c21 . if the multicast source address corresponding to the matched multicast 

address is identical to the multicast source address in said authentication request, 
sending a response indicating that the authentication request is successful to said 
predefined node ; after receiving the response indicating that the authentication 
request is successful, said predefined node permitting said multicast message to enter 

20 into the multicast network; 

c22.if the multicast source address corresponding to the matched multicast 
address is different from the multicast source address in said authentication request, 
sending a response indicating that the authentication request has failed, to said 
predefined node; after receiving the response indicating that the authentication request 

25 has failed, said predefined node forbidding said multicast message to enter into the 
multicast network. 

6. The multicast source control method according to claim 5, wherein said multicast 



source authentication information table further contains records indicating that it is 
needed for authentication requests to continue to be initiated to other multicast source 
authentication servers, the records corresponding to addresses of said other multicast 
source authentication servers. 

7. The multicast source control method according to claim 6, wherein said step c2 
further comprises: 

c23.if the matched multicast address corresponds to an address of other multicast 
source authentication server, sending said predefined node information indicating that 
said predefined node information is needed to continue to request for authentication from 
other multicast source authentication servers, and information of the address of said 
other multicast source authentication servers; said predefined node reinitiating an 
authentication request for the multicast source of said multicast message according to 
the received information. 

8. The multicast source control method according to claim 7, wherein the method 
also comprises: 

if the number of authentication request sent from said predefined node for the 
multicast source of said multicast message exceeds a predefined number, the 
authentication request for the multicast source being deemed as failed. 

9. The multicast source control method according to claim 1 , 5 or 8, wherein the 
method also comprises: if said predefined node does not receive a response in 
predefined time after initiating the authentication request for the multicast source of said 
multicast message, the authentication request for said multicast source being deemed 
as failed. 

10. A multicast source control system, comprising: 

a master multicast source authentication server: when multicast source 
authentication information stored therein is changed, the master multicast source 
authentication server notifies slave multicast source authentication servers; when the 
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master multicast source authentication server receives an authentication request 
transmitted from a predefined node, it transmits a corresponding authentication 
response to said predefined node in accordance with the authentication information 
stored therein; 

a group of slave multicast source authentication servers: the slave multicast source 
authentication servers update multicast source authentication information stored therein 
at a predefined period in accordance with the multicast source authentication information 
in the master multicast source authentication server; when the slave multicast source 
authentication servers receive an authentication message transmitted from a predefined 
node, they transmit a corresponding authentication response to said predefined node in 
accordance with the authentication information stored therein; 

a predefined node: when the predefined node receives a multicast message sent 
from the multicast source, it initiates an authentication request to the preconfigured 
multicast source authentication server thereof, and controls the multicast message sent 
from the multicast source in accordance with the response from the multicast source 
authentication server. 

11. The multicast source control system according to claim 10, wherein said 
predefined node is a router or a switch. 
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